lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-id: <2150956.98751386754831696.JavaMail.weblogic@epml23>
Date:	Wed, 11 Dec 2013 09:40:34 +0000 (GMT)
From:	Anurag Aggarwal <a.anurag@...sung.com>
To:	Dave Martin <Dave.Martin@....com>
Cc:	"linux-arm-kernel@...ts.infradead.org" 
	<linux-arm-kernel@...ts.infradead.org>,
	Naveen Kumar <naveen.sel@...sung.com>,
	Narendra Meher <narendra.m1@...sung.com>,
	"nico@...aro.org" <nico@...aro.org>,
	Catalin Marinas <Catalin.Marinas@....com>,
	Will Deacon <Will.Deacon@....com>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	Ashish Kalra <ashish.kalra@...sung.com>,
	"cpgs ." <cpgs@...sung.com>,
	"anurag19aggarwal@...il.com" <anurag19aggarwal@...il.com>,
	"naveenkrishna.ch@...il.com" <naveenkrishna.ch@...il.com>,
	Rajat Suri <rajat.suri@...sung.com>,
	Poorva Srivastava <poorva.s@...sung.com>,
	Mohammad Irfan Ansari <mohammad.a2@...sung.com>
Subject: Re: [PATCH V6] ARM : unwinder : Prevent data abort due to stack
 overflow

>You could try adding some debug printks to see how the backtrace fails.
>You could also try adding a few hand-crafted assembler functions
>with appropriate code and unwind directives to trigger different kinds
>of backtrace failure.  You might have to add a way to artificially limit
>sp_high to check the cases where you run out of stack in the middle of
>popping multiple registers.

I added a a printk statement 
+               if (*vsp >= (unsigned long *)ctrl->sp_high) {
+                       printk(KERN_ERR "Stack Overflow Detected, vsp = %lx",
+                               (unsigned long)*vsp);
+                       return -URC_FAILURE;
+               }

I ran a many test cases to try and get the above print in the dmesg log.

I tried the following things :

1) Calling unwind_backtrace from diffrenet locations in the kernel, I added the unwind call 
in some irq, fork, exit and some sysfs entries call.
2) I limited the value of sp_high in unwind_frame() itself, I tried many values of sp_high, 
varrying from (low + sizeof(ctrl.vrs)/4) to (low + 4*sizeof(ctrl.vrs)).

When running the above cases I was able to see the above printk quiet a few times in dmesg log.

So, the error condition is being handled.

If you have some test cases for verifying the unwinder, please share the same. They might help 
in thorough testing of unwinder.



Regards
Anurag

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ